Firebox SOHO 6 Wireless
August 29, 2003
If no one has ever coined the phrase 'good security comes in small boxes,' they should, because it describes this product from WatchGuard perfectly.
WatchGuard may not be a name that springs immediately to a Wi-Fi administrator's mind, but network security administrators know it well as one of the more trusted names in the business. But, with the introduction of their Firebox SOHO 6 Wireless line, it shouldn't be long before WatchGuard is a workplace name in Wi-Fi shops as well.
The Firebox SOHO 6 Wireless combines an Intersil chip-based 802.11b access point, 4-port Fast Ethernet switch, and a single Fast Ethernet Wide Area Network (WAN) port for either cable/DSL or network connections into a single, small red metallic package. So far, so ordinary. What sets the SOHO 6 apart from similar access point/firewalls like Sonicwall's SOHO TZW, is that it also includes WatchGuard's tried and true virtual private network (VPN) and firewall.
The VPN uses IP Security
Triple DES can be slow, but one of WatchGuard's chief virtues is that their devices can decrypt Triple DES in a hurry. With its Brecis multi-service 150MHz processor and 16MB of RAM, the SOHO 6 is no exception with a claimed throughput speed of 20Mbps. In informal tests, with a maximum throughput of 11Mbps over the Wi-Fi link, WatchGuard had no trouble keeping the encrypted data stream flowing.
Unfortunately, the SOHO 6 comes with only one Mobile VPN license for wireless users. With the SOHO 6 VPN Service Pack 1, due out shortly, you can have VPN services for as many wired users as your license covers. The basic SOHO 6 comes with a 10-user license that can be upgraded to 25 or 50 users.
The SOHO 6tc Wireless device, a SOHO 6 variation, though comes with six Branch Office Wi-Fi VPN seats. Multi-user Mobile User VPN licenses are available for the SOHO 6 in five-user packages to a maximum of eleven Wi-Fi VPN seats. If you want more, you'll need to move up to the Firebox III or Firebox V series.The SOHO 6 also supports dynamic Domain Name Service (DNS)
In addition, the SOHO 6 also boasts a stateful packet inspection (SPI)
Unlike plain-Jane firewalls, the SOHO 6 will also work with authentication
systems like Remote Authentication Dial-In User Service
Besides the big security things, another nice thing about the SOHO 6 is that
WatchGuard gets the small things right. For example, besides just having a Dynamic
Host Configuration Protocol (DHCP)
One of the best things about any WatchGuard system is that it comes with a 90-day subscription to WatchGuard's superb LiveSecurity Service. LiveSecurity provides you with firmware patches to stop the latest threats and keeps you informed of the latest security and viral news. This can be a real time saver for anyone in charge of network security and doesn't have enough hours in the day to keep track of the ever-changing world of computer and network threats.
Sounds great doesn't it? And, it is, if all you wanted was a firewall and VPN box. But, as a Wi-Fi device, the WatchGuard lacks certain basics such as advanced 802.11a, 802.11b+ or 802.11g support. How much life can there be in ordinary old 802.11b even in a small business?
The box also doesn't support the more advanced Wi-Fi security measures such as 802.1X and Wi-Fi Protected Access (WPA) for authentication and security. Of course, one could argue that with the included VPN and firewall, you don't need those features. I think a best of breed Wi-Fi security device should have the best of current wired and wireless security in the same device.
At an average street price of $529.99, the SOHO 6 is reasonable. But, to get the most out of it, you'll also need to pay for a longer subscription to LiveSecurity Service and more VPN licenses, which puts it closer to the SonicWALL price range. Even with that taken into consideration though, the SOHO 6 is probably, by a nose, the best single Wi-Fi security device and access point for the money on the market today.